<?php
/**
 * Created by PhpStorm.
 * User: xiaomage
 * Date: 2020/12/8
 * Time: 13:45
 */
namespace common\middleware;

use common\ApiReturn;
use common\security\XRequestId;
use think\Request;

class ApiRequest
{
    /**
     * @param Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, \Closure $next)
    {
        /**
         * 设置允许跨域请求
         *
         * 这里没有使用thinkphp6内置的跨域请求是应为 请求头中有自定义的字段信息，
         *
         * X-Request-id、Authorize等
         */
        header('Content-Type: text/html;charset=utf-8');
        // * 代表允许任何网址请求
        header('Access-Control-Allow-Origin: *');
        // 允许请求的类型
        header('Access-Control-Allow-Methods:POST,GET,OPTIONS,DELETE,PUT,PATCH');
        // 设置是否允许发送 cookies
        header('Access-Control-Allow-Credentials: true');
        // 设置允许自定义请求头的字段  这里要特别出主意
        header('Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with,Origin,X-Request-id,Authorize,SessId');

        $result = XRequestId::verify();
        if (false === $result) {
            return ApiReturn::code(REQUEST_ILLEGAL);
        }

        return $next($request);
    }
}